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is to provide confidentiality of information, ensure payment integrity, and authenticate 
both merchants and cardholders. The current computing requirements for 
implementing the SET protocol make it inappropriate as a protocol for shopper/users to 
run directly from their browser. If such were used by the user, for example, in 
5 downloading an applet, downloading times and performance losses would likely 
increase to unacceptable levels. 



Further, unless the user has some mechanism of fair exchange, the user must 
trust the merchant, an entity with whom the user may not have had dealings and about 
10 which he is only able to obtain information from the merchant himself. The justifiable 
lack of trust in a merchant-server's self certification (e.g., the fear of merchant fraud) 
tends to limit the growth and acceptability of electronic commerce. Therefore, even 
when organizations use the SET protocol to perform payment functions, the user's lack 
of anonymity is a disadvantage. 

15 

The prior art describes various attempts at improving security. These attempted 
solutions fall into two categories: (1) third party protocols which make use of a trusted, 
on-line third party who is typically registered as such by a neutral entity, and (2) 
gradual exchange protocols in which the probability of obtaining a fair exchange is 

20 gradually increased over several rounds of communications. In common commercial 
terms, this latter protocol is comparable to a "course of dealing" between the parties 
involved in the exchange. In the trusted third party approach, organizations managing 
a trusted third party must conform to a number of requirements. For example, a trusted 
third party may be required to (1) meet minimum financial criteria, (2) to possess 

25 insurance against fraud, and (3) be socially credible. Proper adherence to and 
implementation of these requirements ensures that information disclosed by users to a 
trusted third party is handled in a secure manner. 

These two prior art solutions have shortcomings. For example, the third party 
30 method runs the risk of the third party becoming a bottleneck due to the fact that a 
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Claims 



1. A computerized method of transacting electronic commerce in an insecure 
5 network, the method improving data security in the insecure network by: 

a. operating on and between a user which has established a commercial 
relationship with a trusted third party, and merchants; and 

b. utilizing: 

i. network links between: 

10 (1) the user and the trusted third party broker and 

(2) the trusted third party broker and the merchants; and 

ii. protocols which operate on each network link, selected, at least 
in part, on the basis of the computer resources which may be 
expected to be available in each network link. 

15 

2. The method of claim 1 wherein a server of the trusted third party is built into a 
housing which includes a terminal interface thus permitting users to select and 
purchase the insurance products of insurance companies at a remote site such as 
at an airport. 

20 

3. The method of claim 1 wherein the trusted third party broker is an employment 
consultant certified as a trusted third party, the merchants are companies 
seeking employees, and the users are persons seeking employment. 



25 4. The computerized method of claim 1 comprising: 

a. permitting the user, using a browser and a low resource-intensive secure 
communication protocol, to access the trusted third party broker in order 
to request broker services; 

b. the trusted third party broker gathering information from web servers of 
30 the merchants which offer competitive products which may satisfy the 

user's request; 
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c. the browser presenting an interactive window to the user which allows 
the user to compare differences between the competitive products and 
choose between the competitive products; 

d. the user choosing between the competitive products, thus selecting a 
5 merchant and issuing a payment order through the trusted third party 

broker for the benefit of the merchant; 

e. the trusted third party broker transmitting the payment order to the 
merchant using a highly secure payment protocol, thus paying the 
merchant on behalf of the user; and 

10 f. the merchant and a bank cooperating using a highly secure payment 

protocol enabling the merchant to receive payment from the bank. 

5. The computerized method of claim 4 additionally comprising providing 
confirmation of payment on the payment order to the user. 

15 

6. The computerized method of claim 4 wherein the low resource-intensive secure 
communication protocol is the SSL protocol, the highly secure payment 
protocol is the SET protocol, the browser is JAVA-enabled, and the interactive 
window is an applet. 

20 

7. A computerized method of enabling a trusted third party broker, interfacing 
with users on an insecure network, to offer users the ability to browse, compare, 
and purchase using secure payment facilities irrespective of the level of security 
in communications between the user and the trusted broker, the method 

25 comprising : 

a. using a low resource-intensive secure communication protocol, 

presenting a user with an interface from which the user can browse, 
request information concerning the products of merchants, and compare 
such information via an interactive window; 

30 b. gathering the requested information from merchants; 
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10 



c. using a low resource-intensive protocol, providing the requested 
information to the user via an interactive window; 

d. upon the user's selection of a product offered by a merchant, receiving 
the user's payment order; 

e. using a highly secure payment protocol, transmitting the payment order 
to a selected merchant who may then receive payment thereon, and, 
subsequently, transmit confirmation of payment thereon to the trusted 
broker; and 

f. transmitting confirmation of payment to the user. 

The computerized method of claim 7 wherein the user browses using a browser 
which is JAVA-enabled, and the interactive window is an applet. 



9. The computerized method of claim 7 wherein the low resource-intensive secure 
15 communication protocol is the SSL protocol and the highly secure payment 

protocol is the SET protocol. 

10. A computerized method enabling a user to browse, compare, and purchase 
products offered by merchants using secure payment facilities irrespective of 

20 the available level of security in communications between the user and the 

merchant, the method comprising: 

a. using a low resource-intensive secure communication protocol, 

transmitting requests for information concerning the products of interest 
provided by the merchants to a trusted third party broker; 
25 b. receiving such information via an interactive window configured by the 

trusted broker; 

c. upon the user's selection of a product offered by a merchant, creating a 
payment order which is transmitted to the merchant by the trusted 
broker using a highly secure payment protocol, the selected merchant 

30 then receiving payment thereon; and 

d. receiving confirmation of payment. 
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The computerized method of claim 10 wherein the user browses using a 
browser which is JAVA-enabled, and the interactive window is an applet. 

The computerized method of claim 10 wherein the low resource-intensive 
secure communication protocol is the SSL protocol and the highly secure 
payment protocol is the SET protocol. 

A computerized method enabling a merchant to offer products in a forum in 
which users may browse, compare the features of the merchant's products with 
products offered by other merchants and purchase such products using secure 
payment facilities irrespective of the security in communications between the 
user and the merchant, the method comprising: 

a. receiving a request from a trusted third party broker for information; 

b. providing product information through an interactive window over a 
network to the third party broker; 

c. using a highly secure payment protocol, receiving a payment order 
through the third party broker from the user; 

d. using a highly secure payment protocol, obtaining payment on the 
payment order; and 

e. transmitting confirmation of receipt of payment to the third party broker 
who may in turn provide confirmation to the user. 

The computerized method of claim 13 wherein the user browses using a 
browser which is JAVA-enabled, and the interactive window is an applet. 

The computerized method of claim 13 wherein the low resource-intensive 
secure communication protocol is the SSL protocol and the highly secure 
payment protocol is the SET protocol. 
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16. A computer-readable medium encoded with a computerized method of 
transacting electronic commerce in an insecure network, the method improving 
data security in the insecure network by: 

a. operating on and between a user, which has established a commercial 
relationship with a trusted third party broker, and merchants; and 

b. utilizing: 

i. network links between: 

( 1 ) the user and the trusted third party broker and 

(2) the trusted third party broker and the merchants; and 

ii. protocols which operate on the network links, selected, at least 
in part, on the basis of the computer resources which may be 
expected to be available in each network link. 

17. The method of claim 16 wherein the network link between the user and the 
trusted third party broker uses a low resource-intensive secure communication 
protocol such as the SSL protocol and the network link between the third party 
broker and the merchant uses a highly secure payment protocol such as the SET 
protocol 
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□ the language of publication of the international application (under Rule 48.3(b)). 
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□ contained in the international application in written form. 

□ filed together with the international application in computer readable form. 
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□ furnished subsequently to this Authority in computer readable form. 

□ The statement that the subsequently furnished written sequence listing does not go beyond the disclosure in 
the international application as filed has been furnished. 
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listing has been furnished. 

4. The amendments have resulted in the cancellation of: 



Form PCT/IPEA/409 (Boxes l-VIII, Sheet 1) (July 1998) 



INTERNATIONAL PRELIMINARY 
EXAMINATION REPORT 



International application No. PCT/IB99/01 494 



□ the description, pages: 

□ the claims, Nos.: 

□ the drawings, sheets: 
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(Any replacement sheet containing such amendments must be referred to under item 1 and annexed to this 
report.) 
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V. Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability; 
citations and explanations supporting such statement 

1. Statement 



Novelty (N) Yes: Claims 1-17 

No: Claims 

Inventive step (IS) Yes: Claims 

No: Claims 1-17 

Industrial applicability (IA) Yes: Claims 1 -1 7 

No: Claims 



2. Citations and explanations 
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VII. Certain defects in the international application 

The following defects in the form or contents of the international application have been noted: 
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The following observations on the clarity of the claims, description, and drawings or on the question whether the 
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see separate sheet 



Form PCT/IPEA/409 (Boxes l-VIII, Sheet 2) (July 1998) 



INTERNATIONAL PRELIMINARY International application No. PCT/IB99/01494 
EXAMINATION REPORT - SEPARATE SHEET 

1.0 With r f rencet Section I 

1.1 The phrase 'whereby the reduced security ... issued by a certification authority' 
added to claims 1, 7, 10, 13, and 16 with the amendments received on 4.12.00 
falls beyond the scope of the original disclosure, as forbidden by Article 34(2)(b) 
PCT. It states that the security of the communication protocol is improved by the 
trust given to the third party. However, this trust has no influence on the security of 
the protocol itself, rather on the security of the transaction as a whole. There is no 
basis in the original application for this (incorrect) statement, and as such the 
claims have been examined as if this phrase had not been added (as required by 
Rule 66 Abis PCT). 

1 .2 However, even if this phrase stated that the overall security is improved, it could 
still not be considered to be inventive. Every trusted third party will in practice 
need credentials of some form to guarantee its trustworthiness - the use of a 
certificate by a certification authority is a common choice for electronic 
applications. 

5.0 With reference to Section V 

5.1 Reference is made to the following documents:- 

D1: US-A-5 592 375 (SALMON BARDWELL C ET AL) 7 January 1997 
(1997-01-07) 

D2: EP-A-0 854 462 (HITACHI LTD) 22 July 1998 (1998-07-22) 

D3: O'MAHONY D.; PEIRCE M.; TEWARI HITESH.: 'Electronic Payment System' 

1997, ARTECH HOUSE COMPUTER SCIENCE, BOSTON MA 

XP002 122732 23662 
D4: EP-A-0 822 535 (AT & T CORP) 4 February 1 998 (1 998-02-04) 

This numbering will be adhered to throughout the application process. 

5.2 Independent claims 1 and 16 fail to meet the requirements of Article 33(3) PCT 
because they lack an inventive step. 
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The document D1 (in particular Figure 1) is regarded as being the closest prior art 
to the subject-matter of these claims, and discloses (the references in 
parentheses applying to this document): 

A computerised method of transacting electronic commerce in an insecure 
network (see Abstract), the method improving data security in the insecure 
network by: 

(a) operating on and between a user ('Buyer') which has established a 
commercial relationship with a certified trusted third party ('Server', see 
column 13, lines 61-62), and merchants ('Seller'); 

(b) utilising a network link between the user and the third party and a network 
link between the third party and the merchants (column 14, lines 20- 34); and 

(c) utilizing a communication protocol which operates on the network link 
between the user and the third party (obviously present); and 

(d) utilizing a payment protocol, which is more resource intensive than the 
communication protocol, which operates on the network link between the 
third party and the merchants (column 1 , lines 50-55, in the likely case where 
both interfaces have two modes, the user has a low-bandwidth 
communications channel, and the merchant a high-bandwidth 
communications channel. The fact that two modes are specifically disclosed 
indicates clearly that there are different protocols involved, and not simply 
one protocol operating faster or slower). 

Thus the only difference between claim 1 and D1 is that D1 does not state that the 
high resource intensive protocol is more secure. However, the skilled person will 
clearly want as much security as is reasonably possible due to the sensitive 
information being transferred. With the means already in place for choosing the 
protocol depending on available bandwidth, it would be obvious to implement 
higher security in the second mode protocol where it is known that a higher 
bandwidth is available. 

Therefore claim 1 is not inventive. Claim 16, as the corresponding computerised 
method, is similarly not inventive.- 

5.3 Independent claim 7 also fails to meet the requirements of Article 33(3) PCT 
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because it lacks an inventive step. Document D1 (in particular Figures 1 and 5) 
discloses: 

A computerised method of enabling a trusted third party (Figure 1 , 'Server'), 
interfacing with users (Buyers') on an insecure network (column 14, lines 20-34), 
to offer users the ability to browse and compare information (column 1 , lines 
19-25) and purchase products, (see column 13, lines 65-67, and Figure 5, steps 
570 and 572), the method comprising: 

(a) using a communication protocol (necessarily present), presenting a user with 
an interface from which the user can browse and request information 
concerning the products of merchants ('Sellers', column 3, lines 14-24), and 
compare such information via an interactive window; 

(b) gathering the requested information from the merchants; 

(c) using the communication protocol, providing the requested information to the 
user via the interactive window (see Figure 5, also column 2, lines 11-14 and 
column 3, lines 38-47). 

This follows partially the wording of claim 7, with the exception that details of the 
payment procedure are not explained in D1 , hence the following features are not 
disclosed therein:- 

(i) that payment is by means of a secure payment facility, irrespective of the 
level of security between the user (buyer) and the third party 

(ii) that upon the user's selection of a product offered by a merchant (seller), the 
user's payment order is received; 

(iii) that payment is transmitted by means of a payment protocol, which is more 
secure than the communication protocol; 

(iv) that confirmation of payment is transmitted to the third party; and 

(v) that confirmation of payment is transmitted to the user. 

As it is not even clear from D1 if the payments themselves are carried out over the 
network, none of the above can be assumed to be the case. However, D2, which 
describes a system for purchasing products/services over the Internet, does go 
into more detail concerning how the online payments are carried out. It discloses: 

(i) that payment is by means of a secure payment facility (the 'electronic cash' 
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described in column 1 of D2 clearly has its own security features), 

(ii) that upon the user's (buyer's) selection of a product offered by a merchant 
(prospective employee), the user's payment order is received (see column 6, 
lines 35-40); 

(iii) that payment is transmitted by means of a highly secure payment protocol, 
upon receipt of which the merchant may receive payment (Figure 5, step 
6007, whereby the settlement message, containing the (secure) payment, is 
transmitted to the merchant; see also column 7, lines 16-20); 

There is no mention of the transmission of receipts of payment, merely those of 
receipts of goods purchased. However, acknowledging payment with a receipt is 
standard practice, whether carried out on paper or electronically. 

Consequently, the skilled person, when wishing to e.g. add online payment 
facilities to the device of D1 , would clearly consider incorporating the techniques 
described in D2 (i.e. i-iii) to the method known from D1 , without the use of any 
inventive activity. Due to the two independent protocols of D1 (column 1 , lines 50- 
55), this would automatically result in using secure payment facilities (between the 
merchant and the third party) which are irrespective of the available level of 
security between the user and the third party. Adding the provision of payment 
receipts is an obvious option available to the skilled person, which is also not 
inventive. 

5.4 Independent claims 10 and 13 fail to meet the requirements of Article 33(3) PCT 
because they lack an inventive step. 

The features of these claims correspond to those of claim 7, simply seen from a 
different perspective, i.e. that of the user and merchant respectively. However, in 
essence they are the same features, and so are similarly preempted by 
documents D1 and D2. 

5.5 Dependent claims 2-6, 8-9, 11-12, 14-15 and 17 also fail to meet the requirements 
of Article 33(3) PCT because they lack an inventive step. The detailed reasoning 
therefore is given below. 
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5.6 With reference to claim 2, the fact that the trusted third party of D1 is a server (see 
Figure 1), implies that it is built into a housing including a terminal interface. The 
use of D1's system for selling products is suggested (column 2, line 20), and 
choosing a specific type of product, for example insurance (which does not 
necessarily require the transfer of a physical entity), which is suitable for online 
commerce does not amount to an inventive step. 

5.7 The features of claim 3 are clearly present in D1 (column 3, lines 28-36; obviously 
the names Merchants' and 'users' are arbitrary, and can be interchanged). 

5.8 With reference to claims 4 and 5, D1 discloses the following points, references for 
which are given:- 

(1) and (3) column 3, lines 37-47, and column 9, lines 30-35 

(2) Figure 1 , and column 3, lines 19-21 
(4) (without payment order) Figure 5, step 570 

The references to payment, part of (4), (5) and (6) are not disclosed in D1, but are 
known from D2 (see Section 5.3). 

5.9 Claims 6, 8-9, 11-12, 14-15, and 17 specify the communication protocol and the 
payment protocol as being the SSL and SET protocols respectively, that the 
browser is JAVA enabled, and that the interactive window is an applet. 

SSL and SET protocols are industry standards, with well known advantages and 
disadvantages (e.g. level of security offered, processing time required, level of 
anonymity, etc.). Depending on the exact requirements, these two protocols 
represent the obvious choices for payment protocols (see D3 for reference). 

Similarly, the use of JAVA browsers and applets is also known as a means of 
providing interactivity over the Internet (see for example, D4, column 6, lines 
23-30). 

5.10 It should be noted that the terms -such as 1 (claims 2 and 17) and 'may' (claims 4, 
7, and 13) indicate that the following feature is optional, and could be ignored for 
the purposes of examination. 
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5.1 1 The industrial applicability of all of the claims is self-evident, thus complying with 
the requirements of Article 33(4) PCT. 

7.0 With reference to Section VII 

7.1 Figure 1 is incorrectly described (on page 5) as a 'computerised method' (ref. 10), 
while it is clearly showing a network system. Figure 3 correctly shows the method. 
Furthermore, the same reference number cannot be used to show two different 
entities (i.e. a method and a system). 

8.0 With reference to Section VIII 

8.1 Claims 10 and 13 are unclear (Article 6 PCT) because they state that secure 
payment facilities can be used irrespective of the available level of security in 
communications between the user and the merchant. This is clearly not the case; 
the security is irrespective of the communications between the user and the third 
party. 
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